Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
File:                     PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft (raw, json)
Hash identifier:          DsrX0cfJoI5qhFBb898uIDW0X3xd5vuEWriRKrNvYOc=
Subject key identifier:   F5:0D:3C:7D:EF:EB:B9:0C:30:83:59:7C:D2:73:B4:37:2E:2B:91:47
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Certificate issuer:       /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial:       019A006C42F16A0CC76B490FAB85DF4AB90B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
Manifest number:          10EC
Signing time:             Mon 20 Oct 2025 07:01:26 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:26 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:26 +0000
Files and hashes:         1: DTkkXlwWhjBYM7E-LiW8oFBHJjI.roa (hash: cFY01vIGbPqfZkXvhIFJCumwHCyy8N/DU0Sq4RcHFF0=)
                          2: F-tWEgFXNk85dgLML3v4CjJQNJI.roa (hash: KLZ5Ryps6kGcz+Vvj/Jt1Z7hc5rWBKew1n0+/36PDXM=)
                          3: PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl (hash: jGcgakIqlIDrpTrrFOL7eVA8hJmNw4FX55vgYHizIkM=)
                          4: PgYgGFElQ5q1n0LGZNZBRta_Qd4.roa (hash: 69CNmBY++9WnYAnXQ2BFsg1ecbH6Dliq6fHkpb2sLS4=)
                          5: c_bN0qeZ98kLK_mj8jLJCUhCuDk.roa (hash: 6teRR+6kz/ZhchnuaFTgHT4htaDxgUNTDG0QN1bVrBA=)
                          6: f3EQDAp01aGz4ygf13OnfmgCiyU.roa (hash: K8CWfwsXMWBETuXajB8y0tfb/O1sIwj6IWVOuqi5a0s=)
                          7: fnn2PBqaEkB-G35nmktclyOEVrM.roa (hash: z4jXqUIY33n8wsiIhXSfBMidI9YSQa2N+6IYP0IxcVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6c:42:f1:6a:0c:c7:6b:49:0f:ab:85:df:4a:b9:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
        Validity
            Not Before: Oct 20 07:01:26 2025 GMT
            Not After : Oct 21 07:01:26 2025 GMT
        Subject: CN=f50d3c7defebb90c3083597cd273b4372e2b9147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:97:68:8c:7d:22:87:e2:03:ee:76:fd:78:
                    c3:56:a7:12:e7:db:8e:fe:e5:00:c6:42:d9:08:73:
                    5c:4c:cd:07:ef:8e:70:6e:ea:8e:0d:a7:05:b8:13:
                    e3:34:64:ba:52:35:df:d6:27:14:11:2d:98:bf:d8:
                    d0:d9:1e:a1:05:57:c6:c8:50:75:46:00:69:fc:b9:
                    37:ea:e5:a3:fe:79:bd:81:cf:25:94:29:ad:bb:4b:
                    0e:26:4f:eb:2c:5a:8b:fd:79:b5:d3:15:e1:51:6f:
                    72:b6:68:81:b8:6a:0f:51:98:f5:a4:f5:4e:61:6d:
                    61:42:e4:54:0e:34:7e:36:b5:7d:27:18:5c:50:86:
                    af:e4:94:e8:1c:a2:39:ba:5a:c3:ca:31:88:ac:e9:
                    f8:70:80:fa:f2:83:f5:5a:87:4f:e0:c3:32:0d:b1:
                    4a:d1:a8:70:0c:35:7a:52:fb:7c:cc:64:26:99:21:
                    25:5d:1c:e5:61:15:fc:86:3e:61:f3:b7:d0:e6:dd:
                    51:73:ec:3b:7f:de:2c:32:15:94:25:a7:15:83:71:
                    6f:c4:fe:43:cb:2c:5e:ad:47:34:2c:3d:33:cd:46:
                    88:34:e3:6e:d5:b1:38:97:c6:d7:03:39:bb:e5:6a:
                    33:c4:8f:f0:60:a5:2d:f5:b8:03:d3:14:c2:b9:30:
                    a7:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:0D:3C:7D:EF:EB:B9:0C:30:83:59:7C:D2:73:B4:37:2E:2B:91:47
            X509v3 Authority Key Identifier:
                keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:fb:ec:d4:c6:fb:2b:d3:cf:2b:ad:77:f7:6c:0f:9f:19:45:
         33:a7:92:0e:eb:c2:72:f0:ff:18:ff:13:55:d6:7b:f3:38:78:
         65:28:96:bd:a1:a0:c3:bc:8d:f1:d7:9f:72:2c:ee:ba:33:59:
         3d:dc:8f:70:c1:50:19:cf:71:3b:ed:6c:29:b8:83:ed:a4:12:
         07:65:65:ed:ac:1a:4b:14:83:e4:d6:81:d7:1d:9d:4a:6f:37:
         00:cf:45:79:23:7b:f5:7d:02:fd:6a:fe:d2:a8:09:ad:a7:44:
         40:d7:94:c1:ab:a0:c4:41:c3:b5:4d:17:ce:57:f0:24:a6:3e:
         a9:8c:e9:be:ad:83:cd:5d:cb:6f:ff:22:2c:b4:91:c2:32:a5:
         b3:77:9a:93:a3:05:58:38:b2:c5:94:62:0f:39:88:92:9c:6e:
         16:4f:d1:fd:64:4a:24:3d:12:1b:34:b6:13:6e:d2:4b:be:5b:
         e6:7b:9f:57:b9:04:2d:5a:7b:06:b4:37:4a:a0:40:0d:97:d9:
         3d:f0:fa:cb:1c:9f:78:4b:54:05:76:ed:24:61:e8:20:de:53:
         8e:3f:1d:01:ba:17:17:99:49:8c:51:2c:f7:6a:73:17:59:47:
         1f:16:95:fd:60:36:0c:55:df:1f:0a:1d:83:55:4e:7d:77:d3:
         75:6c:8e:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbELxagzHa0kPq4XfSrkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjUxMDIwMDcwMTI2WhcNMjUxMDIxMDcwMTI2WjAzMTEwLwYDVQQD
EyhmNTBkM2M3ZGVmZWJiOTBjMzA4MzU5N2NkMjczYjQzNzJlMmI5MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ2XaIx9IofiA+52/XjDVqcS59uO
/uUAxkLZCHNcTM0H745wbuqODacFuBPjNGS6UjXf1icUES2Yv9jQ2R6hBVfGyFB1
RgBp/Lk36uWj/nm9gc8llCmtu0sOJk/rLFqL/Xm10xXhUW9ytmiBuGoPUZj1pPVO
YW1hQuRUDjR+NrV9JxhcUIav5JToHKI5ulrDyjGIrOn4cID68oP1WodP4MMyDbFK
0ahwDDV6Uvt8zGQmmSElXRzlYRX8hj5h87fQ5t1Rc+w7f94sMhWUJacVg3FvxP5D
yyxerUc0LD0zzUaINONu1bE4l8bXAzm75WozxI/wYKUt9bgD0xTCuTCndQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUNPH3v67kMMINZfNJztDcuK5FHMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdPvs1Mb7
K9PPK61392wPnxlFM6eSDuvCcvD/GP8TVdZ78zh4ZSiWvaGgw7yN8defcizuujNZ
PdyPcMFQGc9xO+1sKbiD7aQSB2Vl7awaSxSD5NaB1x2dSm83AM9FeSN79X0C/Wr+
0qgJradEQNeUwaugxEHDtU0XzlfwJKY+qYzpvq2DzV3Lb/8iLLSRwjKls3eak6MF
WDiyxZRiDzmIkpxuFk/R/WRKJD0SGzS2E27SS75b5nufV7kELVp7BrQ3SqBADZfZ
PfD6yxyfeEtUBXbtJGHoIN5Tjj8dAboXF5lJjFEs92pzF1lHHxaV/WA2DFXfHwod
g1VOfXfTdWyODA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:56:15 2025 by rpki-client